Analysis by: Sabrina Lei Sioting
 PLATFORM:

Windows 2000, Windows Server 2003, Windows XP (32-bit, 64-bit), Windows Vista (32-bit, 64-bit), Windows 7 (32-bit, 64-bit)

 OVERALL RISK RATING:
 DAMAGE POTENTIAL:
 DISTRIBUTION POTENTIAL:
 REPORTED INFECTION:

  • Threat Type: Trojan

  • Destructiveness: No

  • Encrypted: No

  • In the wild: Yes

  OVERVIEW

This Trojan may be hosted on a website and run when a user accesses the said website.

  TECHNICAL DETAILS

Tamaño del archivo 1,481 bytes
Tipo de archivo VBS
Residente en memoria No
Fecha de recepción de las muestras iniciales 22 Jun 2009

Arrival Details

This Trojan may be hosted on a website and run when a user accesses the said website.

NOTES:

This Trojan is an interactive ASP page command prompt that will show how vulnerable the IIS web server is to the IUSR_COMPUTER, IWAM_COMPUTER and SYSTEM user accounts. It runs in the context of the web server as a standard ASP page, and simulates a backdoor to any IIS web server.